IISscan v1.0 scans networks for IIS servers vulnerable to the unicode bug.
3c3d59978a521e77e4cd36649b23cbb404e3411fe080d04a7542b236aa3459ad
login package for linux - backdoored.
26005789c6223882d581a34bd0892e334e1fc46cd32394ee8cc37d48b87679b0
Apache-SSL is a set of patches for Apache to create a secure Webserver, based on SSLeay/OpenSSL. It is designed to be small, secure, and efficient.
dfadf144d08e8538be36b7d59b6b23856b5ca250427d66c0c7ce7f8bd8277811
Apache is the most popular webserver on the Internet, quite possibly the best in terms of security, functionality, efficiency, and speed.
2b731f71284a31b28d8e553fb5f4917293c1d21e065467b39a50706466f88438
UCD-snmp v4.2.1 and below remote root exploit for the long community string overflow on Linux/x86. Tested against Slackware 8.0, includes instructions for finding more offsets. Binds a shell to tcp port 10000.
eb4a50c9c0dd410d730f1d07d223ab85c80cc864aeca71b53ef5631777dff41f
NetBSD Security Advisory 2002-004 - An off-by-one overflow has been discovered in the channel code of OpenSSH versions 2.0 - 3.0.2, which can be used to execute code on systems running vulnerable OpenSSH clients and servers. NetBSD fixed this vulnerability in versions 1.5 - 1.5.2 and announced that the fix will be included in NetBSD 1.5.3.
35d64679ad8b60205c3868196bf86fd85e46f45ac237b9994146c212404c430f
NetBSD Security Advisory 2002-002 - A buffer overflow found in Gzip can under certain conditions be used to execute shellcode with elevated privileges, for example through certain FTP servers. NetBSD fixed this vulnerability for CURRENT, 1.5 - 1.5.2 and 1.4 - 1.4.3.
0711d864488b65c071d0b4fba53663aada9d306b2d2e0f03d43b2c5e7db33503
PHP Nuke 5.X path disclosure vulnerability through modules.php.
449ce4c727ea19f1f0a054b166eb8e1f6d5390c8d988b1c57504ebfc6d2c717a
OpenSSH v3.0.2p1 backdoor. The version displayed and magic password is editable.
0261baf78b29d58daa6f9ebc47e470ec7ad0274dd81dfac55ee5236c9bad1ba8
Steghide is a steganography program which hides bits of a data file in some of the least significant bits of another file in such a way that the existence of the data file is not visible and cannot be proven. Steghide is designed to be portable and configurable and features hiding data in bmp, wav and au files, blowfish encryption, MD5 hashing of passphrases to blowfish keys, and pseudo-random distribution of hidden bits in the container data. It is able to embed data in BMP, WAV, and AU files.
04b1b8dc075d3506a28add758eaf34d83c76ee20d61776afd2582e7a5d347f71
Some areas of the Cobalt XTR UI are not .htaccess protected, allowing remote users to exploit the MultiFileUpload.php remote root vulnerability. Requires shell access to exploit. Includes a perl script to base64 encode the time for filename guessing.
0335dc5f5c37c8c68507a7da7f1bc5e9845dec9c23e2c1867d5f13a90ff49b69
FreeBSD Security Advisory FreeBSD-SA-02:17 - The mod_frontpage port prior to version mod_portname-1.6.1 contains several remotely exploitable buffer overflows in the fpexec wrapper, which is installed setuid root.
6baaa26e93cb19abe4d52eaea219513b94a7b57aba7a390dac5d9e0085650a3b
FreeBSD Security Advisory FreeBSD-SA-02:16 - Versions 4.76 and earlier of the Netscape browser will execute JavaScript contained in gif and jpeg comment blocks, allowing a hostile web server to see what is in your cache.
01e68c967241355e54d0dbda9dfd7c8b5b192f70e3f4324fc7e3b5072fa315c0
FreeBSD Security Advisory FreeBSD-SA-02:15 - The port of the cyrus-sasl library prior to v1.5.24_8 contains a format string overflow in the syslog() call. Applications linked to that library could be affected.
ca1331948c84e83bcb66af1dcea4f17326b3ce7aa470a48f16bd1f4ffb9e66d8
FreeBSD Security Advisory FreeBSD-SA-02:14.pam-pgsql - The pam-pgsql port prior to v0.5.2 contains a vulnerability which allows remote users to cause arbitrary SQL code to be executed because the username and password given are inserted into a SQL statement with no safety checks.
6e3b0e22ccea6f55953d641696c316bff3e1aa4a2c38403ddae911b7abdcd9c8
CERT Advisory CA-2002-07 - A bug in the zlib compression library prior to v1.1.4 manifests itself as a vulnerability in any of the many programs that are linked with zlib, and allows attackers to mount a DoS attack, gather info, or execute arbitrary code. When a specially crafted block of invalid compressed data is passed to a program that includes zlib, the program's attempt to decompress the crafted data can cause the zlib routines to corrupt the internal data structures. Fix available here.
027ea4a9b9fc60c7fe3a2fa2e98a44ecd8a73fe17a8674c2a37e4e3c66be400e
Ptrace2.4 is a local root exploit for linux kernels prior to v2.4.9 and 2.2.20.
e985a2a3cfca07b197336e769c86daa09d889ea8c80b3e00fc8291655c670ba1
Wellenreiter is a GTK/Perl program that makes the discovery and the auditing of 802.11b wireless-networks much easier. It has an embedded statistics engine for the common parameters provided by the wireless drivers, enabling you to view details about the consistency and signal strength of the network. A scanner window can be used to discover access-points, networks, and ad-hoc cards. It detects essid broadcasting or non-broadcasting networks in every channel, automatically switching frequencies. Wellenreiter can run on low-resolution devices that can run GTK/Perl and Linux/BSD (such as iPaqs).
c9b6dc3395ff1b64fbe2b8c00b21bac822f84ceb255603b81ce306b90c3453cd
PHP Nuke v5.5 has a cross site scripting vulnerability. Exploit information included.
ea0a2f907d32e11a8d8ea2a9d231190a234851a4b50bf5f9b2a309b314e8c10a
Hhp-qtip.c is a local root exploit for /usr/bin/tip on BSDI 4.2. Requires access to tip, usually gid(dialer).
68b298f994c8c477f0f7455e566dc8f16aa96901ae020b249e0593c73d2ca8d6
Fingerprinting Port 80 Attacks - A look into web server, and web application attack signatures, Part Two. Includes fingerprints, advanced fingerprints, cross site scripting examples, modified headers, more encoding, webserver codes and logging, and more.
d97f5503f10321059cd43269ac5f60529aabdbc377241beee4a5c1b65a186534
Increasing Performance in High Speed NIDS is a paper discussing a number of methods to increase performance in Snort and also NIDS in general. Discusses bottlenecks that Snort has, a brief history of Snort pattern matching, and the work that Silicon Defense did with Aho-Corasick_Boyer-Moore, discussing the differences between network grep and protocol analysis.
337737f0c2eeefdc2058b99a8043d983e504f5cd46712753df479953689227e6
HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designer's Openwall patches are installed. Changes include some extra information in the printks, the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories if they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop-directory stuff.
552dd35b52705c6f4314d2fbacd357c66afb6fdeeaacea6b3e9985d2b2b25b81
RSTunnel (Reliable SSH Tunnel) allows you to tunnel data between two networks through a secure and encrypted tunnel. It uses SSH to connect the two machines. This will set up a tunnel for you, and make sure that it's constantly running.
664cc131289c8e42c28c00f231c24b43fc2c55c29b427ad43306af3ccb6f6f63
Bubblegum is a daemon written in C which watches a file's access, modification, and inode change times, logging the changes. It can run an external command, read files from a filelist, and more.
5c7e9df2bb329004b551a8c035de176728b73494dc8b559eafe3ccef9cc05c2d